
The Cyber Security News


Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

May 26, 2023

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances.

The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006.

The California-headquartered firm said the issue is rooted in a component that screens the attachments of incoming emails.

“The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives),” according to an advisory from NIST’s National Vulnerability Database.

“The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl’s qx operator with the privileges of the Email Security Gateway product.”
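A defensive check for the flaw class the advisory describes, as an added example (not Barracuda's code or its patch): it lists a .tar archive's member names without extracting anything and flags names that would be unsafe to interpolate into a shell command. The function names, the character set and the sample archive are constructed for illustration.

```python
import io
import re
import tarfile

# Characters a shell treats specially. A member name containing any of them
# must never be interpolated into a command string (e.g. Perl qx or backticks).
SHELL_META = re.compile(r"[`$;|&<>(){}\\'\"\n\r]")


def suspicious_members(tar_bytes):
    """Return (name, reason) pairs for member names unsafe to hand to a shell."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as archive:
        for member in archive:  # iterates headers only; nothing is extracted
            name = member.name
            hits = sorted(set(SHELL_META.findall(name)))
            if hits:
                findings.append((name, "shell metacharacters: " + " ".join(hits)))
            elif any(ord(ch) < 0x20 for ch in name):
                findings.append((name, "control character in name"))
    return findings


def build_sample_tar(names):
    """Build a constructed in-memory .tar of empty files with the given names."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as archive:
        for name in names:
            info = tarfile.TarInfo(name=name)
            info.size = 0
            archive.addfile(info, io.BytesIO(b""))
    return buf.getvalue()


# Constructed sample: one ordinary name and one carrying backticks.
SAMPLE = build_sample_tar(["invoice-2023.pdf", "report`echo constructed`.txt"])

if __name__ == "__main__":
    for name, reason in suspicious_members(SAMPLE):
        print(f"QUARANTINE {name!r}: {reason}")
```

A name filter like this is defence in depth for a mail-scanning pipeline; the underlying fix for this class of bug is to never build a shell command from archive member names, passing them as separate arguments to the program instead.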

The shortcoming, Barracuda noted, was identified on May 19, 2023, prompting the company to deploy a patch across all ESG devices worldwide a day later. A second fix was released on May 21 as part of its “containment strategy.”

Additionally, the company’s investigation uncovered evidence of active exploitation of CVE-2023-2868, resulting in unauthorized access to a “subset of email gateway appliances.”

The company, which has over 200,000 global customers, did not disclose the scale of the attack. It said affected users have been directly contacted with a list of remedial actions to take.

Barracuda has also urged its customers to review their environments, adding that it is still actively monitoring the situation.

The identity of the threat actors behind the attack is currently not known, but Chinese and Russian hacking groups have been observed deploying bespoke malware on vulnerable Cisco, Fortinet, and SonicWall devices in recent months.

The development comes as Defiant alerted of large-scale exploitation of a now-fixed cross-site scripting (XSS) flaw in a plugin called Beautiful Cookie Consent Banner (CVSS score: 7.2) that’s installed on over 40,000 sites.

The vulnerability offers unauthenticated attackers the ability to inject malicious JavaScript into a website, potentially allowing redirects to malvertising sites as well as the creation of rogue admin users, resulting in site takeovers.

The WordPress security company said it “blocked nearly 3 million attacks against more than 1.5 million sites, from nearly 14,000 IP addresses since May 23, 2023, and attacks are ongoing.”


Some parts of this article are sourced from:
thehackernews.com
